[
https://issues.apache.org/jira/browse/DERBY-3614?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dag H. Wanvik updated DERBY-3614:
---------------------------------
Component/s: Miscellaneous
> Granted SystemPermissions are ignored when granted later with same target and
> different action
> ----------------------------------------------------------------------------------------------
>
> Key: DERBY-3614
> URL: https://issues.apache.org/jira/browse/DERBY-3614
> Project: Derby
> Issue Type: Bug
> Components: Miscellaneous
> Affects Versions: 10.4.1.3
> Environment: Security Manager installed, custom policy file
> Reporter: John H. Embretsen
> Priority: Minor
>
> org.apache.derby.security.SystemPermission represents access to system-wide
> Derby privileges, such as privileges relating to JMX management and
> monitoring. A system permission is identified by a name (aka. "target") and
> optionally an action associated with that name. SystemPermission extends
> java.security.BasicPermission. See also DERBY-3491.
> If a SystemPermission is granted for the same target (name) more than once in
> a set of policy files loaded by the security manager, the last entry seems to
> overwrite any previous entries, potentially causing SecurityExceptions.
> Details follow.
> The currently accepted targets are: engine, server, jmx
> The currently accepted actions are: monitor, control, shutdown
> If a policy file specifies e.g.
> grant {
> permission org.apache.derby.security.SystemPermission "server",
> "monitor";
> permission org.apache.derby.security.SystemPermission "server",
> "control";
> }
> then the first ("server", "monitor") permission is ignored when the
> permission checks are actually performed by the security manager.
> No documentation currently specifies the behavior of SystemPermission in such
> cases. It seems that the most common and least error-prone way of handling
> this is to accept each permission grant entry unless there is a conflict
> between the entries (in which case the result should be well defined and
> documented).
> Current behavior seems unintuitive and is contrary to the behavior of similar
> permissions available in the Java platform, e.g. java.util.PropertyPermission
> which also extends java.security.BasicPermission. For example, the following
> grants both "read" and "write" permissions to all Principals and codebases:
> grant {
> permission java.util.PropertyPermission "my.sysprop", "write";
> permission java.util.PropertyPermission "my.sysprop", "read";
> }
> A workaround is to make sure that the same permission/target is not specified
> more than once within a set of policy files. If more than one action needs to
> be granted for the same target, the following syntax will work:
> grant {
> permission org.apache.derby.security.SystemPermission "server",
> "monitor,control";
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
